Systems and methods for processing calls

ABSTRACT

Methods and systems are described for authenticating calls. An example method may comprise receiving a message indicative of a call request. Header data associated with the message may be analyzed to determine an attestation value. A signature may be generated based on the attestation value. A signed message comprising the signature and at least a portion of the message may be sent.

CROSS-REFERENCE TO RELATED APPLICATIONS

This application is related to U.S. Patent Application No. 62/800,923,filed on Feb. 4, 2019, which is hereby incorporated by reference for anyand all purposes.

BACKGROUND

Unwanted solicitation and/or scam phone calls are a problem. Often,callers of such unwanted calls conceal an originating number and/orcaller identifier (e.g., spoof, etc.). To prevent such unwanted calls,service providers may take action (e.g., flag, drop, refuse toauthenticate/sign, etc.) against calls with spoofed information.However, legitimate reasons to initiate a call with spoofed informationdo exist. Phone calls from an end-user system, such as a PBX, may havereal or spoofed calling number information. Current solutions do nottake into account legitimate reasons to initiate a call with spoofedinformation, and do not adequately take action on unwanted or scam phonecalls. Thus, improvements are needed.

SUMMARY

Methods and systems are disclosed for authenticating informationassociated with a message. The methods and systems may be implemented byan origination phone service provider to authenticate a calling numberassociated with the message. The message may be associated with a mediasession, such as a call, audio call, video call, multimediacommunication session, and/or the like. The message may comprise asender identifier indicative of a caller (e.g., or originator) thatgenerated the message. In some scenarios, the sender identifier may beinauthentic (e.g., invalid) because the caller is attempting to hide theidentity of the caller. The message may have originated outside of thenetwork tasked with forwarding the message to a destination associatedwith the message. To determine authenticity (e.g., validity,trustworthiness) of the message, a computing device may be configured toanalyze header data, such as data associated one or more header fields,headers, and/or the like.

A diversion header, an identity header, or a paid header, or acombination thereof may be determined from the header data. Anattestation value indicative of authenticity (e.g., trustworthiness,validity) of the sender identifier may be determined based on the headerdata. The presence or absence of a diversion header, identity header,and/or paid header may be determined. Values within the diversionheader, identity header, or paid header may be determined. The presenceof the any of these headers, absence of any of these headers, the valuesof any of these headers, a combination thereof, and/or the like may beused to determine an attestation value. The attestation value may beused to generate a signature or otherwise used to generate an updatedmessage. The updated message may be sent, based on a destinationidentifier associated with the message, to another computing device(e.g., network device, router, user device, destination device).

Inbound calls may be received and processed according to one or moreintercept criteria. A message associated with an inbound call may beforked to multiple termination points. One of the termination points maydetermine, using the one or more intercept criteria, whether tointercept the call. If the one or more intercept criteria are satisfied,then the call may be intercepted. Interception of the call may simulatea pickup and/or hang up of the call, result in cancelation of the callto the other termination points.

Additional advantages will be set forth in part in the description whichfollows or may be learned by practice. It is to be understood that boththe foregoing general description and the following detailed descriptionare exemplary and explanatory only and are not restrictive.

BRIEF DESCRIPTION OF THE DRAWINGS

The accompanying drawings, which are incorporated in and constitute apart of this specification, illustrate embodiments and together with thedescription, serve to explain the principles of the methods and systems.

FIG. 1 is a block diagram illustrating an example environment.

FIG. 2A is a block diagram illustrating an example environment.

FIG. 2B is a block diagram illustrating an example environment.

FIG. 3 is a block diagram illustrating an example environment.

FIG. 4 is a flow diagram illustrating an example method.

FIG. 5 is a flow diagram illustrating an example method.

FIG. 6 is a flow diagram illustrating an example method.

FIG. 7 is a flow diagram illustrating an example method.

FIG. 8 is a block diagram illustrating an example environment.

FIG. 9 is a flow diagram illustrating an example method.

FIG. 10 is a block diagram illustrating an example computing device.

DETAILED DESCRIPTION OF ILLUSTRATIVE EMBODIMENTS

Disclosed are systems and methods for authenticating information of acommunication session. The communication session may comprise one ormore types of communication, such as text, images, video, audio, secureor encrypted communication, streaming, multimedia messaging service, acall, a conference session, a combination thereof, and/or the like. Thesystems and/or methods described herein may be implemented by one ormore devices on a network. A first device may send a data indicative ofa communication session (e.g., a request to initiate a communicationsession). The communication session may be a communication sessionbetween the first device and a second device. The communication sessionmay be implemented by routing data associated with the communicationsession across one or more networks. The first device may send the datawith false identification information. One or more computing devices inthe network may use the presently disclosed techniques to determine alevel of trustworthiness for identification information. The level oftrustworthiness may be inserted into a message of the communicationsession by applying a signature.

The signature may identify the computing device that determined thelevel of trust. The presence or absence of header data may be used todetermine the level of trustworthiness. The header data may indicateand/or be associated with different sources that are trusted and/oruntrusted. The header data may indicate that information in a message ofthe communication session has been changed. If one or more header fieldsare present in or absent from the message, this may be indicative of asource of the message. The presence of a diversion header and theabsence of an identify header may indicate that the message has a lowerlevel of trustworthiness. The presence of both the identity header anddiversion header may be indicative of a higher level of trustworthiness.One or more rules may associate the presence of header data, the absenceof header data, and/or a combination of the presence of some header dataand the absence of other header data with corresponding attestationvalues indicating different levels of trustworthiness of the message.

A communication session may comprise information associated with anoriginator and/or sender of a communication request. The systems and/ormethods described herein may be implemented on one or more computingdevices within a telecommunications network, or any generic network. Ifa communication session (e.g., call) is initiated, a message may begenerated at a sending device (e.g., telephone, computer, tablet,server, mobile device, smart device, computing station, computing node)originating the call. The message may be routed via the network to causea network connection between the sending device originating thecommunication session and the destination device (e.g., telephone,computer, tablet, server, mobile device, smart device, computingstation, computing node).

A bad actor, such as a spammer, may conceal information related to acommunication session, such as a phone number and/or a caller identifier(caller id) associated with a sending device initiating thecommunication session. Concealing information related to a communicationsession may be called spoofing. One or more service providers (or otherentities) may authenticate (e.g., authorize, approve, verify, validate)messages of a communication sessions to ensure the communication sessionare not spoofed. Authenticating communication session may comprise usinga private key to apply a signature to a message or a portion of amessage.

A certificate management system may store encryption keys, tokens,certificates, and/or the like that may be used by service providers. Aunique private key may be assigned to each service provider. Eachprivate key may have an associated public key. Each service provider mayhave access to every public key. A first service provider may receive amessage that was sent by a second service provider. The message maycomprise a signature associated with (e.g., added by) the second serviceprovider. The first service provider may verify the signature using apublic key associated with the second service provider.

A particular service provider may deploy one or more computing deviceswithin a network associated with the particular service provider. Theone or more computing devices may receive a message generated by asending device originating a communication session. The one or morecomputing devices may examine header data, such as one or more headerfields. Depending on the header data determined, an attestation valuemay be associated with the message. The attestation value may indicate alevel of authenticity (e.g., trustworthiness, expected validity) of anidentifier associated with a sender. The header data may be determinedas part of a communication session initiation sequence. After thecommunication session initiation sequence is complete, messagesassociated with a particular communication session may be forwarded(e.g., without analysis to determine the trustworthiness of the senderidentifier).

The one or more computing devices may receive a message related to acommunication session (e.g., a request to initiate a call). The one ormore computing devices may determine a presence or absence of a firstheader associated with the message. The first header may comprise adiversion header. The one or more computing devices may determine apresence or absence of a second header associated with the message. Thesecond header may comprise an identity header. The presence or absenceof a third header associated with the message may also be determined.The third header may comprise a P-Asserted-Identity (PAID) header.Although the terms first, second, and third are used to representheaders, it should be understood that the headers may be in an orderand/or be determined in any order.

Certain combinations of the presence or absence of headers may beassociated with different levels of trustworthiness and/or attestationvalues. The attestation value may comprise full attestation, partialattestation, gateway attestation, and/or other appropriate values. Thepresence of the first header, the second header, and the third headermay be associated with full attestation. The presence of the firstheader and the third header in combination with the absence of thesecond header may be associated with a partial attestation. The absenceof the first header and second header in combination with the presenceof the third header may be associated with a full attestation. Ifpresence or absence of one or more of the first header, the secondheader, or the third header indicates an error, then the one or morecomputing devices may route the message without signing (e.g.,authorizing, authenticating, etc.) the message or any portion of themessage. The first header, second header, and/or third header may alsobe checked for formatting, presence of certain data values, and/or otherinformation to determine an attestation value. The message may be signedusing the determined attestation and sent to a computing device (e.g.,for routing to the destination).

The message may be received by a computing device. The computing devicemay be associated with the first service provider or a second serviceprovider. The receiving computing device may cause appropriate action tobe taken. If the message does not comprise a signature, the receivingcomputing device may drop (e.g., ignore, discard, delete) the message orthe receiving computing device may cause a warning to be displayed(e.g., or output) at a destination device. If the message comprises asignature indicating full attestation, the receiving computing devicemay cause a call associated with the message to connect and proceednormally (e.g., display a caller id if there is any, etc.). If themessage comprises a signature indicating an attestation value less thanfull attestation, the receiving computing device may cause a callassociated with the message to connect and a warning and/or message tobe displayed (e.g., or output) at a destination device.

FIG. 1 is a block diagram showing an example environment. The exampleenvironment may comprise an authentication device 102, a first network104, a first network device 110, a sending device 112, a second network114, a second network device 120, a destination device 122, acombination thereof, and/or the like.

The authentication device 102 may comprise one or more computingdevices. The authentication device 102 may be configured to manage(e.g., store, generate, determine) digital identification information.The authentication device 102 may comprise a certificate authority(e.g., a certificate management device, certificate management system).The authentication device 102 may manage (e.g., store, create,determine) private key/public key pairs. A message or a portion of amessage signed (e.g., encrypted, etc.) by a private key may be verified(e.g., decrypted, etc.) using a public key associated with the privatekey. Each private key may be associated with a unique service provider.Each private key may be associated with a particular computing device.

The first network 104 may comprise a public portion, such as theInternet. The first network 104 may comprise a private portion. Thefirst network 104 may comprise a variety of network devices, such asrouters, servers, etc. for facilitating communication between two ormore computing devices. The first network 104 may comprise one or moremessaging protocols. The one or more messaging protocols may compriseformatting and messaging rules for messages sent via the first network104. The first network 104 may facilitate communication between anetwork device associated with a first service provider and a networkdevice associated with a second service provider.

The first network device 110 may comprise one or more computing devices.The first network device 110 may be associated with a first serviceprovider. The first network device 110 may comprise a Secure TelephoneIdentity Authentication Service (STI-AS). The first network device 110may receive a private key associated with the first service providerfrom the authentication device 102 via the first network 104.

The sending device 112 may comprise a user device, such as a landlinetelephone, a smart phone, a desktop, a laptop, a portable computingdevice, a mobile computing device, a stationary computing device, awearable computing device, etc. The sending device 112 may compriseand/or be associated with a sender identifier. The sender identifier maycomprise a number, such as a phone number. The sender identifier maycomprise an address, such as a media access control address (MACaddress) and/or an Internet Protocol address (IP address). The sendingdevice 112 may be associated with an entity, such as a subscriber to aservice. The sending device 112 may be associated with an enterprisevoice system associated with the entity. The sending device 112 may beassociated with a failover service associated with the entity. Thesending device 112 may be associated with a private branch exchange(PBX) associated with the entity. The private branch exchange maycomprise a plurality of user devices that communicate via a localnetwork (e.g., telephone trunk or other network). The private branchexchange may comprise a computing device (e.g., a server) that managescommunication sessions for the user devices. The computing device maymanage communication that is internal and/or external to the PBX. Thecomputing device located in a PBX may send messages from the sendingdevice 112 to the second network 114, the first network device 110,and/or any other computing device.

The second network 114 may be associated with the entity. The secondnetwork 114 may comprise an enterprise voice system associated with theentity. The second network 114 may be associated with a failover serviceassociated with the entity. The second network 114 may comprise a PBXassociated with the entity. A computing device associated with the PBXmay send messages from the sending device 112 to the second network 114,the first network device 110, and/or any other computing device. Thesecond network 114 may comprise a public portion, such as the Internet.The second network 114 may comprise a private portion, associated withthe entity. The second network 114 may comprise a variety of networkdevices, such as routers, servers, etc. for facilitating communicationbetween two of more computing devices. The second network 114 maycomprise one or more messaging protocols. The one or more messagingprotocols comprise formatting and messaging rules for messages sent viathe second network 114. The second network 114 may facilitatecommunication between a sending device and a network device.

The sending device 112 may receive input from a user. The input maycause the sending device 112 to initiate a communication with thedestination device 122. The sending device 112 may cause the message tobe transmitted (e.g., to the first network device 110, via the secondnetwork 114, to the second network device 120, to the destination device122). The message may comprise a number, name, and/or address associatedwith the sending device 112. The sending device 112 and/or a devicewithin the second network 114 may cause the message to conceal thenumber, name, and/or address associated with the sending device 112. Themessage, as created by the sending device 112 or as changed by a devicewithin the second network 114, may comprise a number, name, and/oraddress associated with a device other than the sending device 112.

A legitimate reason may exist for the sending device 112 and/or a devicewithin the second network 114 to conceal the number, name, and/oraddress associated with the sending device 112, such as the sendingdevice 112 and/or the second network 114 being associated with anenterprise voice system associated with the entity, a failover serviceassociated with the entity, and/or a PBX associated with the entity. Anefarious reason may exist for the sending device 112 and/or a devicewithin the second network 114 to conceal the number, name, and/oraddress associated with the sending device 112, such as an attempt toperpetrate a fraud and/or scam.

Header data may be added to the message. The header data may compriseone or more headers, such as a diversion header, identity header, paidheader, or other header. The header data may be added by any computingdevice in a network that receives the message. A computing device in thesecond network 114 (e.g., or the first network 104) may add header data(e.g., one or more headers) to the message. The computing device maycomprise a communication session device, such as a SIP device, a proxy,an edge device, routing device, a combination thereof, and/or the like.The header data may be inserted before the message is received by thefirst network device 110. A diversion header may be inserted by thecomputing device if the message is being forwarded to an alternativenetwork for failover (e.g., or load handling) purposes. An identityheader may be added to the message by a device that receives the messageand is able to authenticate the sending device 112. In some scenarios, abad actor sending the message may cause the sending device 112 to addfalse header data.

Information about which devices, sources, networks, service providers,and/or the like add in which type of header data (e.g., and in whichscenarios) may allow rules to be generated to determine correspondingattestation values (e.g., or levels of trustworthiness). If a serviceprovider of the sending device 112 does not and/or has not authenticatedthe message (e.g., has not verified that the sending device isauthorized to use the sender identifier), then the message may have noidentity header. Some service providers may have implemented protocolsthat require authentication and adding of identity headers (e.g., toprove authentication), while other service providers may not haveimplemented authentication or may not use identity headers. If nodiversion header is present in a message from an external network, thena service provider (e.g., or computing device thereof) may be able todetermine that the message is in error because the service provider mayexpect messages from an external network (e.g., or a particular networkor source) to include diversion headers. The presence of a diversionheader may indicate that the message is received from a certain type ofexternal source network or associated with a certain type of service(e.g., failover service, load balancing service, forwarding service).

The first network device 110 may receive the message. The first networkdevice 110 may apply logic (e.g., further described in reference toFIGS. 4-7 or as described elsewhere herein) to determine an attestationvalue. The first network device 110 may use the private key to apply asignature to the message or a portion of the message if the determinedattestation value is full attestation, partial attestation, gatewayattestation, etc. The first network device 110 may use the private keyto apply a signature to an identity header of the message. The identityheader may be generated by the first network device 110 (e.g., andinserted into or added to the message).

The identity header may be generated based on a protocol that definesthe format and fields of the identity header. The identity header maycomprise one or more of the following data fields: a sender identifier(e.g., calling number), a destination identifier (e.g., called number),timing information (e.g., date and time header generated), attestation(e.g., full attestation, partial attestation, gateway attestation), andan identifier of a computing device adding the identity header (e.g.,unique originating identifier). The first network device 110 maygenerate the identity header by determining values for the data fields.The first network device 110 may encrypt the values using a private keyassociated with the first network device 110. The resulting encryptedsignature (e.g., an encrypted string comprising all the data fields) maybe inserted in a header area of the message (e.g., indicated as“identity: [encrypted signature]” where brackets indicates insertedinformation). Other information may also be inserted into the message,such as an identifier of an encryption protocol used to generate thesignature. The first network device 110 may not apply a signature if thedetermined attestation value is no attestation. The first network device110 may cause the message to be transmitted (e.g., to the second networkdevice 120, via the first network 104, or to directly to the destinationdevice 122).

The second network device 120 may comprise one or more computingdevices. The second network device 120 may be associated with a secondservice provider. The second network device 120 may comprise a SecureTelephone Identity Verification Service (STI-VS). The second networkdevice 120 may receive a public key associated with the private keyassociated with the first service provider (e.g., or owner of the firstnetwork device) from the authentication device 102 via the first network104. The public key may be requested from the authentication device 102based on (e.g., in response to) receiving a message, such as a callrequest. The public key may be requested from the authentication device102 based on a field in the message indicating information associatedwith requesting the public key.

If the message comprises a signature purported to be associated with thefirst network device 110, the second network device 120 may use thepublic key associated with the first network device 110 to verify thatthe first network device 110 applied the signature. The second networkdevice 120 may use the public key to decrypt the identity header of themessage. The second network device 120 may determine how to handle themessage based on a presence or absence of a verifiable signature and/oran associated attestation value. The second network device 120 (e.g., orother device, such as the first network device 110) may determine not toforward a message with no verifiable signature (e.g., which may causethe call or request for a call to be dropped). If the message comprisesno verifiable signature or if the associated attestation value is lessthan full attestation, the second network device 120 may take one ormore protective actions (e.g., causing a notification to be sent toand/or displayed on the destination device 122, etc.) and may cause themessage to be forwarded to the destination device 122. The one or moreprotective actions may comprise causing a notification to be sent toand/or displayed (e.g., or output) on the destination device 122. Thenotification may indicate that the message sender is unverified, thatthe message is untrusted, and/or the like. The second network device 120may forward the message to the destination device 122 with no specialprotective actions if the message comprises a verifiable signature andthe associated attestation value indicates full attestation.

The destination device 122 may comprise a user device, such as alandline telephone, a smart phone, a desktop, a laptop, a portablecomputing device, a mobile computing device, a stationary computingdevice, a wearable computing device, etc. The destination device 122 maycomprise a number, such as a phone number. The destination device 122may comprise an address, such as a media access control address (MACaddress) and/or an Internet Protocol address (IP address). Thedestination device 122 may display/output messages (such as warnings,caller ids, sender phone numbers, etc.) based on the message and/or oneor more signals received from the second network device 120. A user mayreject a communication between the destination device 122 and the senderdevice 112 by engaging input into the destination device 122. A user maycause a communication between the destination device 122 and the senderdevice 112 to begin by engaging input into the destination device 122.

FIG. 2A and FIG. 2B are a block diagrams illustrating an exampleenvironment. It should be understood that the methods and systemsdescribed herein are not limited to the example environment, which isonly used for purposes of illustration. The example environment maycomprise one or more Internet Protocol (IP) Multimedia Subsystem (IMP)subscribers 202, an IMS core 204, a National Portability AdministrationCenter (NPAC) feed 206, a Short Message Service (SMS)/800 service feed208, a routing database (DB) master 210, a Secure Telephone IdentityAuthentication Service (STI-AS) 218, one or more advanced voicesubscribers 220, an advanced voice outbound network 222, a peering SBC240, a Session Initiation Protocol (SIP) Peers network 242, a mediagateway controller function and/or a media gateway 244, and a localexchange carrier (LEC) and/or tandem network 246.

The IMS core 204 may comprise one or more devices configured to routemessages. A device for routing messages may comprise a switch, a router,a Breakout Gateway Control Function (BGCF) 212, an Interrogating CallSession Control Function (I-CSCF) 214, a Home Subscriber Server (HSS)216, a Serving Call Session Control Function (S-CSCF), a telephonyapplication server (TAS), and/or a broadband application server (BAS).The advanced voice outbound network 222 may comprise one or more devicesfor routing messages. A device for routing messages may comprise aswitch, a router, a Proxy-Call Session Control Function (P-CSCF) 224, anadvanced voice application server (AV-AS) 226, and/or an advanced voicenetwork server 228 (AV-NS).

A device and/or a user associated with one of the one or more advancedvoice subscribers 220 (originator) may create a message to initiate acall. The message generated by the originator may comprise a header. Theheader may comprise information associated with the originator.Information related to the originator may comprise a phone number,caller id, address, etc. associated with the originator. The informationrelated to the originator in the header may not be actual informationrelated to the originator. The originator may comprise a telephoneconnected to a PBX, and the information related to the originator maycomprise a phone number associated with the PBX. If a failover occurs,in which an entity experiences a failure with a communication system ata premises, the originator may comprise a call center, and theinformation related to the originator may comprise a phone numberassociated with the premises.

The originator may forward the message via the advanced voice outboundnetwork 222. The originator may forward the message to the P-CSCF 224.The P-CSCF 224 may forward the message to the AV-AS 226. The AV-AS 226may forward the message to the AV-NS 228, the STI-AS 218, and the BGCF212. The STI-AS 218 may apply a signature to the message in accordancewith a method described in FIG. 4 . The STI-AS 218 may forward a signedmessage (e.g., or an unsigned message if no signature is applied) to theBGCF 212. The BGCF 212 may receive the signed message from the STI-AS218. Optionally and/or alternatively, the BGCF 212 may receive themessage without a signature applied. The AV-AS 226, the STI-AS 218, orother device may determine to forward the message to the BGCF 212without signing the message.

The NPAC feed 206 may forward routing instructions and/or portabilitydata to the routing DB master 210. The routing DB master 210 maycomprise a database for routing instructions and/or portability data.The routing DB master 210 may populate the database with the routinginstructions and/or portability data received from the NPAC feed 206.The BGCF 212 may refer to the routing DB master 210 for routinginstructions and/or portability data. The SMS/800 service feed 208 mayprovide information about toll free phone numbers to the BGCF 212.

If a destination associated with the message is one of the one or moreIMS subscribers 202 (destination), then the BGCF 212 may forward themessage via the IMS core 204 to the destination. The message maycomprise the possibly signed message and/or the message without asignature. Forwarding the message via the IMS core 204 may compriseforwarding the message via one or more devices for routing messages. TheBGCF 212 may forward the message to the I-CSCF 214. The I-CSCF 214 mayforward the message to the HSS 216. The HSS 216 may forward the messageto the destination.

If a destination associated with the message is located within the SIPPeers network 242, then the BGCF 212 may forward the message to thepeering SBC 240. The message may comprise the possibly signed messageand/or the message without a signature. The peering SBC 240 may forwardthe message to the destination within the SIP Peers network 242.

If a destination associated with the message is located within the LECand/or tandem network 246, then the BGCF 212 may forward the message tothe media gateway controller function and/or the media gateway 244. Themessage may comprise the possibly signed message and/or the messagewithout a signature. The media gateway controller function and/or themedia gateway 244 may forward the message to the destination within theLEC and/or tandem network 246.

FIG. 2B is a block diagram illustrating an example environment. Theexample environment may comprise many of the same elements as theexample environment of FIG. 2A. Additionally, the example environmentmay comprise a Secure Telephone Identity Verification Service (STI-VS)248, a wholesaler SBC 250, and a SIP wholesalers network 252. The BGCF212 may receive a message. The message may comprise a possibly signedmessage and/or a message without a signature. A destination associatedwith the message may be associated with one of the one or more advancedsubscribers 220.

If the message was created by one of the one or more IMS subscribers 202(originator), then the originator may forward the message via the IMScore 204 to the BGCF 212. Forwarding the message via the IMS core 204may comprise forwarding the message via one or more devices for routingmessages. The originator may forward the message to the HSS 216. The HSS216 may forward the message to the I-CSCF 214. The I-CSCF 214 mayforward the message to the BGCF 212.

If an originator associated with the message is located within the SIPPeers network 242, then the originator may forward the message to thepeering SBC 240. The peering SBC 240 may forward the message to theSTI-VS 248. In response to receiving the message, the peering SBC 240may initiate an integrated routing database (IRDB) dip 254 and/or aCaller-ID Name (CNAM) dip 256. The CNAM dip 256 may comprise looking upa name associated with a caller id associated with the message.

If an originator associated with the message is located within the LECand/or tandem network 246, then the originator may forward the messageto the media gateway controller function and/or the media gateway 244.The media gateway controller function and/or the media gateway 244 mayforward the message to the STI-VS 248. In response to receiving themessage, the media gateway controller function and/or the media gateway244 may initiate an IRDB dip 254 and/or a CNAM dip 256. The CNAM dip 256may comprise looking up a name associated with a caller id associatedwith the message.

If an originator associated with the message is located in the SIPwholesaler network 252, then the originator may forward the message tothe wholesaler SBC 250. The wholesaler SBC 250 may forward the messageto the STI-VS 248. In response to receiving the message, the wholesalerSBC 250 may initiate a CNAM dip 256. The CNAM dip 256 may compriselooking up a name associated with a caller id associated with themessage.

The BGCF 212 may forward the message to the STI-VS 248. The STI-VS 248may use a public key associated with a private key associated with theoriginator to verify a signature associated with the message. The STI-VS248 may determine an attestation value associated with the message. Ifthe attestation value indicates a value less than full attestation, thenthe STI-VS 248 may initiate one or more protective actions (e.g.,causing a notification to be displayed or output on the destination,etc.). The STI-VS 248 may forward the message to the advanced voiceoutbound network 222. The STI-VS 248 may forward the message to theAV-NS 228. The STI-VS 248 may forward the message to the AV-AS 226. TheAV-AS 226 may forward the message to the P-CSCF 224. The P-CSCF 224 mayforward the message to the destination. It should be understood, that inother implementations, one or more of the devices shown in FIG. 2A andFIG. 2B may be removed and/or other devices not show may be included.

FIG. 3 is a block diagram illustrating an example environment. Theenvironment may comprise a cloud-based voice system 300, a SessionInitiation Protocol (SIP) trunking system 302, a Primary Rate Interface(PRI) trunking system 304, an advanced voice Proxy-Call Session ControlFunction (AV-PCSCF) 306, an edge services gateway (ESG) 308, anintegrated access device (IAD) 310, an AV-AS 312, an AV-NS 314, a SecureTelephone Identity Authentication Service (STI-AS) 316, a BreakoutGateway Control Function (BGCF) 318, a combination thereof, and/or thelike.

A message to initiate a communication may be created by an originatingdevice (originator). The cloud-based voice system 300 may comprise theoriginator. The cloud-based voice system may forward the message to theAV-PCSCF 306. The SIP trunking system 302 may comprise the originator.The SIP trunking system 302 may forward the message to the ESG 308. Ifthe message comprises a diversion header value that is not a provisionednumber (e.g., a number provisioned by a service provider associated withthe ESG 308), then the ESG 308 may overwrite the diversion header withan account number provisioned by a service provider. If the messagecomprises an identifier in a “from” field (e.g., a value of the <orig>in the “from” field) that is not a provisioned number, then the ESG 308may populate the diversion header with an account number provisioned bya service provider. The ESG 308 may forward the message to the AV-PCSCF306. Alternatively, these functions performed by ESG 308 may beperformed by the SIP Trunking 302, AV-PCSCF 306, and/or other device.

The PRI trunking system 304 may comprise the originator. The PRItrunking system 304 may forward the message to the IAD 310. If themessage comprises a diversion header value that is not a provisionednumber, then the IAD 310 may overwrite the diversion header with anaccount number provisioned by a service provider. If the messagecomprises an identifier in a field that is not a provisioned number(e.g., a number provisioned by a service provider associated with theESG 308), then the IAD 310 may populate the diversion header with anaccount number provisioned by a service provider. The IAD 310 mayforward the message to the AV-PCSCF 306. Alternatively, these functionsperformed by IAD 310 may be performed by the PRI Trunking 308, AV-PCSCF306, and/or other device. A PBX may comprise the originator. Theoriginator may be associated with a number, a name, and/or an address.The PBX may be associated with a number, a name, and/or an address. Themessage may comprise information purported to be associated with anoriginator in an identity header. The information in the identity headermay be associated with the PBX. The AV-PCSCF 306 may strip the messageof an identity header. The AV-PCSCF 306 may forward the message to theAV-AS 312. In some implementations, the cloud-based voice system 300,the SIP trunking 302, the PRI trunking 304, the ESG 308, and/or the IAD310 may send the message directly to the AV-AS 312 and/or STI-AS 316.One or more of the devices shown in FIG. 3 may be omitted or combinedinto a single device.

If the message comprises a provisioned number in a diversion header,then the AV-AS 312 may place an address associated with the AV-AS 312 ina PAID header associated with the message. If the message comprises nodiversion header and a provisioned number in a from header, then theAV-AS 312 may reformulate the “from” header and the PAID header into aformat associated with the AV-AS 312 and the AV-AS 312 may place thereformulated PAID header into the message if the message comprises noPAID header. The AV-AS 312 may forward the message to the AV-NS 314 toreceive further routing decision. The AV-AS 312 may forward the messageto the STI-AS 316 based on routing decision received from AV-NS 314. TheSTI-AS 316 may determine an attestation value and apply a signature inaccordance with the methods described herein (e.g., in FIG. 4 orelsewhere). The STI-AS 316 may forward a signed message to the BGCF 318.The AV-AS 312 may forward an unsigned version of the message to the BGCF318. The BGCF 318 may forward the signed message and/or the unsignedversion of the message via a network.

FIG. 4 is a flow diagram illustrating an example method. The method maybe executed by any of the devices described herein. The first networkdevice 110 in FIG. 1 , the STI-AS 218 in FIG. 2A, the STI-AS 316 in FIG.3 , and/or any other similar devices may comprise one or more computingdevices configured to execute the example method. Although it is notrequired, the method may begin in response to receiving a message toinitiate a call (e.g., or other communication session). At step 402, adetermination may be made as to whether a diversion header fieldassociated with the message comprises a value or is present. If there isno value in the diversion header field, or if the field is not present,then the example method may proceed to step 404. If there is a value inthe diversion header field, then the example method may proceed to step406. The determination of whether the diversion header field associatedwith the message comprises the value may comprise determining thepresence or absence of a diversion header (e.g., or diversion headerfield).

At step 404, a determination may be made of whether an identity headerfield associated with the message comprises a value or whether theidentity header field is present (e.g., in the message). If there is avalue in the identity header field (e.g., or an identity head field ispresent), then an assumption of an error may be made. If there is avalue in the identity header field, then the example method may proceedto step 408. If there is no value in the identity header field, then theexample method may proceed to step 412. The determination of whether anidentity header field associated with the message comprises a value maycomprise determining the presence or absence of an identity header(e.g., or an identity header field).

At step 406, a determination may be made of whether an identity headerfield associated with the message comprises a value. If there is a valuein the identity header field, then the example method may proceed tostep 416. If there is no value in the identity header field, then theexample method may proceed to step 422. At step 408, the one or morecomputing devices may forward the message without applying a signatureto the message. In some implementations, step 408 may comprise applyinga partial attestation, a gateway attestation, and/or the like. Afterstep 408, the example method may proceed to step 410. At step 410, themethod may end. The method may be repeated each time a message isreceived.

At step 412, a determination may be made of whether a PAID header fieldassociated with the message comprises a value and if the value is in acorrect format. If there is no value in the PAID header field, or if thevalue in the PAID header field is not in the correct format, then theexample method may proceed to step 408. If there is a value in the PAIDheader field and the value in the PAID header field is in the correctformat, then the example method may proceed to step 414.

At step 414, the one or more computing devices may apply a signature tothe message. Applying the signature to the message may comprise applyingan authentication protocol, validation protocol, encryption protocol,security protocol, and/or the like. The signature may be based a token,such as an assertion token, or a persona assertion token. Applying thesignature may comprise generating and/or formatting the signature basedon a Secure Handling of Asserted information using toKENs (SHAKEN)protocol. The signature may be associated with (e.g., in the message) anidentifier that indicates the SHAKEN protocol. The signature maycomprise a SHAKEN Personal Assertion Token (PASSporT). The SHAKENPASSporT may comprise an attestation value indicating full attestation.The one or more computing devices may forward the signed message. Afterstep 414, the example method may proceed to step 410.

At step 416, the one or more computing devices may retrieve anoriginator value and a destination value from the identity header. Theoriginator value (e.g., <orig> value) may comprise one or more of acalling number, name associated with an originator, a Uniform ResourceIdentifier (URI) associated with an originator, an address associatedwith an originator, etc. The destination value (e.g., <dest> value) maycomprise one or more of a called number, name associated with adestination, a URI associated with a destination, an address associatedwith a call destination, etc. After step 416, the example method mayproceed to step 418.

At step 418, a determination may be made of whether a PAID header fieldassociated with the message comprises a value and if the value is in acorrect format. If there is no value in the PAID header field, or if thevalue in the PAID header field is not in the correct format, then theexample method may proceed to step 408. If there is a value in the PAIDheader field and the value in the PAID header field is in the correctformat, then the example method may proceed to step 420.

At step 420, the one or more computing devices may apply a signature tothe message. Applying the signature to the message may comprise applying(e.g., adding) a Div PASSportT (e.g., a token in a diversion header).The message may comprise a SHAKEN PASSport before the signature isapplied. Applying the signature to the message may comprise preservingthe original identity header (e.g., with the SHAKEN PASSporT) and addinga second identity header with a Div PASSporT to the message. The DivPASSporT may comprise an attestation value indicating full attestation.The one or more computing devices may forward the signed message. Afterstep 420, the example method may proceed to step 410.

At step 422, a determination may be made of whether a PAID header fieldassociated with the message comprises a value and/or if the value is ina correct format. If there is no value in the PAID header field, or ifthe value in the PAID header field is not in the correct format, thenthe example method may proceed to step 408. If there is a value in thePAID header field and the value in the PAID header field is in thecorrect format, then the example method may proceed to step 424.

At step 424, the one or more computing devices may apply a signature tothe message. Applying the signature to the message may comprise applyinga SHAKEN PASSporT to the message. The SHAKEN PASSporT may comprise anattestation value indicating less than full attestation. The attestationvalue indicating less than full attestation may comprise partialattestation, gateway attestation, etc. The one or more computing devicesmay forward the signed message. After step 424, the example method mayproceed to step 410.

FIG. 5 is a flow diagram illustrating an example method 500. At step502, a message indicative of a call request may be received. The firstnetwork device 110 in FIG. 1 , the STI-AS 218 in FIG. 2A, the STI-AS 316in FIG. 3 , and/or any other similar devices may receive a messageindicative of a call request. The message may comprise a senderidentifier. The sender identifier may be inauthentic (e.g., invalid,untrusthworthy) and/or some sender information may be missing. Themessage may comprise a destination identifier. The message may comprisea SIP invite message. The message may be received by a computing device.The computing device may be managed by a first service provider. Themessage may be received from a network not managed by the first serviceprovider. The message may be received from a private branch exchange.

The sender identifier may comprise an identifier associated with a firstuser sending (e.g., originating) the message. The sender identifier maycomprise one or more of a domain associated with a sender, an emailaddress, a telephone number, a network address, an internet protocoladdress, or a uniform resource identifier. The destination identifiermay comprise an identifier associated with a second user intended toreceive the message. The destination identifier may comprise one or moreof a domain associated with a second user, an email address, a telephonenumber, a network address, an internet protocol address, or a uniformresource identifier.

The message may comprise one or more of a communication protocol messageor a SIP message. The message may be part of a call initiation sequence.The message may be associated with establishing one or more of acommunication session, a media communication session, an audio call, ora video call.

At step 504, header data associated with the message may be determined.The first network device 110 in FIG. 1 , the STI-AS 218 in FIG. 2A, theSTI-AS 316 in FIG. 3 , and/or any other similar devices may determineheader data associated with the message. Determining the header dataassociated with the message may comprise determining one or more of adiversion header or an identity header. Determining header data maycomprise determining that one or more headers (e.g., diversion header,identity header) or header values are absent from the message. Theheader data may comprise a header field, a protocol variable, a protocolcommand, a protocol method, metadata indicative of the message or a datapayload, timing information associated with the message, routinginformation, redirection information, connection information, sequenceinformation, version information, the sender identifier, or thedestination identifier. The header data may comprise data associatedwith one or more of routing a data payload, forwarding the message, orprocessing the message. The header data may comprise a paid header.

The diversion header may be associated with redirection of the message.The diversion header may comprise redirection information, informationindicative of a device forwarding the message, or data indicative of areason for the redirection. The message may comprise a plurality ofdiversion headers. Determining the header data may comprise determiningone of the plurality of diversion headers. The identity header may beassociated with indicating an identity of the user and/or user devicesending the message. The identity header may comprise a SIP identityheader. The identity header may be inserted by a network device that didnot originate the message. The identity header may comprise anidentifier of the network device. The message may comprise a pluralityof identity headers. Determining the header data may comprisedetermining one or more of the plurality of identity headers.

At step 506, an attestation value may be determined. The attestationvalue may be determined based on the header data. The attestation valuemay be indicative of trustworthiness of the usage of the senderidentifier in the message. The attestation value may be indicative ofauthenticity (e.g., validity) of the sender identifier. The attestationvalue may be indicative of a level of trust that the sender identifieris authentic (e.g., or accurately represents the sender, or is used by asender authorized to use the sender identifier) and/or has beenauthenticated. The attestation value may be indicative of a level oftrust that that the sender or originator has been authenticated to usethe sender identifier. The first network device 110 in FIG. 1 , theSTI-AS 218 in FIG. 2A, the STI-AS 316 in FIG. 3 , and/or any othersimilar devices may determine an attestation value indicative ofauthenticity (e.g., validity, trustworthiness) of the sender identifierbased on the header data. The attestation value may be one of aplurality of attestation values. The plurality of attestation values mayindicate different levels of one or more of expected authenticity (e.g.,validity) or trustworthiness.

The plurality of attestation values may comprise one or more of a firstattestation (e.g., full attestation), a second attestation (e.g., apartial attestation), a third attestation (e.g., a gateway attestation),or no attestation. The first attestation may indicate that the senderidentifier is determined to be one or more of authenticated, verified,or trusted. The second attestation may indicate that sender identifierhas not been determined to be one or more of authenticated, verified, ortrusted but the sender of the message is one or more of authenticated,verified, or trusted. The third attestation may indicate that a networkdevice from which the message was received is one or more ofauthenticated, verified, or trusted. If no attestation value is present,it may indicate that no information of the message is one or more ofauthenticated, verified, or trusted.

The attestation value may be determined based on one or more attestationrules. The one or attestation rules may associate message features withcorresponding attestation values. The message features may comprisevalues and/or the presence of one or more data fields, data values,header fields, or header values. A combination of multiple messagefeatures may be associated with a corresponding attestation value.

At step 508, a signature may be generated based on the attestationvalue. The first network device 110 in FIG. 1 , the STI-AS 218 in FIG.2A, the STI-AS 316 in FIG. 3 , and/or any other similar devices maygenerate a signature based on the attestation value. Generating thesignature may comprise applying a cryptographic process to at least theattestation value. Generating the signature may be based on one or moreof a validation protocol, authentication protocol, or a securityprotocol. The signature may be based on a certificate. The certificatemay be generated by and/or received from a certificate authority (e.g.,certificate management system, certification management device). Thesignature and/or certificate may comprise a cryptographic key, such as aprivate key associated with a public/private key-pair. Generating thesignature may comprise encrypting the attestation value (e.g., alongwith other values). The signature may be generated based on one or moreof a secure telephone identity revisited (STIR) protocol or a securehandling of asserted information using tokens (SHAKEN) protocol.

At step 510, a signed message comprising the signature and at least aportion of the message may be sent based on the destination identifier.The first network device 110 in FIG. 1 , the STI-AS 218 in FIG. 2A, theSTI-AS 316 in FIG. 3 , and/or any other similar devices may send asigned message comprising the signature and at least a portion of themessage based on the destination identifier.

FIG. 6 is a flow diagram illustrating an example method 600. At step602, a message indicative of a call request may be received. The firstnetwork device 110 in FIG. 1 , the STI-AS 218 in FIG. 2A, the STI-AS 316in FIG. 3 , and/or any other similar devices may receive a messageindicative of a call request. The message may comprise a senderidentifier and/or a destination identifier. The sender identifier may beinauthentic (e.g., invalid, untrustworthy) and/or some senderinformation may be missing. The message may comprise a SIP invitemessage. The message may be received by a computing device. Thecomputing device may be managed by a first service provider. The messagemay be received from a network not managed by the first serviceprovider. The message may be received from a private branch exchange.

The sender identifier may comprise an identifier associated with a firstuser sending (e.g., originating) the message. The sender identifier maycomprise one or more of a domain associated with a sender, an emailaddress, a telephone number, a network address, an internet protocoladdress, or a uniform resource identifier. The destination identifiermay comprise an identifier associated with a second user intended toreceive the message. The destination identifier may comprise one or moreof a domain associated with a second user, an email address, a telephonenumber, a network address, an internet protocol address, or a uniformresource identifier. The message may comprise one or more of acommunication protocol message or a SIP message. The message may be partof a call initiation sequence. The message may be associated withestablishing one or more of a communication session, a mediacommunication session, an audio call, or a video call.

At step 604, a presence or an absence of header data associated with themessage may be determined. The first network device 110 in FIG. 1 , theSTI-AS 218 in FIG. 2A, the STI-AS 316 in FIG. 3 , and/or any othersimilar devices may determine a presence or an absence of header dataassociated with the message. Determining the presence or the absence ofthe header data may comprise determining a presence or an absence of oneor more of a diversion header or an identity header. The header data maycomprise a header field, a protocol variable, a protocol command, aprotocol method, metadata indicative of the message or a data payload,timing information associated with the message, routing information,redirection information, connection information, sequence information,version information, the sender identifier, or the destinationidentifier. The header data may comprise data associated with one ormore of routing a data payload, forwarding the message, or processingthe message. The header data may comprise a paid header.

The diversion header may be associated with redirection of the message.The diversion header may comprise redirection information, informationindicative of a device forwarding the message, or data indicative of areason for the redirection. The message may comprise a plurality ofdiversion headers. Determining the presence or the absence of headerdata may comprise determining a presence or an absence of one of theplurality of diversion headers. The identity header may be associatedwith indicating an identity of the user and/or user device sending themessage. The identity header may comprise a SIP identity header. Theidentity header may be inserted by a network device that did notoriginate the message. The identity header may comprise an identifier ofthe network device. The message may comprise a plurality of identityheaders. Determining the presence or the absence of header data maycomprise determining a presence or an absence of one of the plurality ofidentity headers.

At step 606, an attestation value may be determined. The attestationvalue may be determined based on the presence or the absence of theheader data. The attestation value may be indicative of trustworthinessof the usage of the sender identifier in the message. The attestationvalue may be indicative of authenticity (e.g., validity,trustworthiness) of the sender identifier. The attestation value may beindicative of a level of trust that the sender identifier is authentic(e.g., or accurately represents the sender, or is used by a senderauthorized to use the sender identifier) and/or has been authenticated.The attestation value may be indicative of a level of trust that thatthe sender or originator has been authenticated to use the senderidentifier. The first network device 110 in FIG. 1 , the STI-AS 218 inFIG. 2A, the STI-AS 316 in FIG. 3 , and/or any other similar devices maydetermine an attestation value indicative of authenticity of the senderidentifier based on the presence or the absence of the header data. Theattestation value may be one of a plurality of attestation values. Theplurality of attestation values may indicate different levels of one ormore of expected authenticity or trustworthiness.

The plurality of attestation values may comprise one or more of a firstattestation (e.g., full attestation), a second attestation (e.g., apartial attestation), a third attestation (e.g., a gateway attestation),or no attestation. The first attestation may indicate that the senderidentifier is determined to be one or more of authenticated, verified,or trusted. The second attestation may indicate that sender identifierhas not been determined to be one or more of authenticated, verified, ortrusted but the sender of the message is one or more of authenticated,verified, or trusted. The third attestation may indicate that a networkdevice from which the message was received is one or more ofauthenticated, verified, or trusted. If no attestation value is present,it may indicate that no information of the message is one or more ofauthenticated, verified, or trusted.

The attestation value may be determined based on one or more attestationrules. The one or attestation rules may associate message features withcorresponding attestation values. The message features may comprisevalues and/or the presence of one or more data fields, data values,header fields, or header values. A combination of multiple messagefeatures may be associated with a corresponding attestation value.

At step 608, a signature may be generated based on the attestationvalue. The first network device 110 in FIG. 1 , the STI-AS 218 in FIG.2A, the STI-AS 316 in FIG. 3 , and/or any other similar devices maygenerate a signature based on the attestation value. Generating thesignature may comprise applying a cryptographic process to at least theattestation value. Generating the signature may be based on one or moreof a validation protocol, authentication protocol, or a securityprotocol. The signature may be based on a certificate. The certificatemay be generated by and/or received from a certificate authority (e.g.,a certificate management device, certificate management system). Thesignature and/or certificate may comprise a cryptographic key, such as aprivate key associated with a public/private key-pair. Generating thesignature may comprise encrypting the attestation value. The signaturemay be generated based on one or more of a secure telephone identityrevisited (STIR) protocol or a secure handling of asserted informationusing tokens (SHAKEN) protocol.

At step 610, a signed message comprising the signature and at least aportion of the message may be sent based on the destination identifier.The first network device 110 in FIG. 1 , the STI-AS 218 in FIG. 2A, theSTI-AS 316 in FIG. 3 , and/or any other similar devices may send asigned message comprising the signature and at least a portion of themessage based on the destination identifier.

FIG. 7 is a flow diagram illustrating an example method 700. At step702, a message indicative of a call request may be received. The firstnetwork device 110 in FIG. 1 , the STI-AS 218 in FIG. 2A, the STI-AS 316in FIG. 3 , and/or any other similar devices may receive a messageindicative of a call request. The message may comprise a senderidentifier and/or a destination identifier. The sender identifier may beinauthentic (e.g., invalid, untrustworthy) and/or some senderinformation may be missing. The message may comprise a SIP invitemessage. The message may be received by a computing device. Thecomputing device may be managed by a first service provider. The messagemay be received from a network not managed by the first serviceprovider. The message may be received from a private branch exchange.

The sender identifier may comprise an identifier associated with a firstuser sending (e.g., originating) the message. The sender identifier maycomprise one or more of a domain associated with a sender, an emailaddress, a telephone number, a network address, an internet protocoladdress, or a uniform resource identifier. The destination identifiermay comprise an identifier associated with a second user intended toreceive the message. The destination identifier may comprise one or moreof a domain associated with a second user, an email address, a telephonenumber, a network address, an internet protocol address, or a uniformresource identifier.

The message may comprise one or more of a communication protocol messageor a SIP message. The message may be part of a call initiation sequence.The message may be associated with establishing one or more of acommunication session, a media communication session, an audio call, ora video call.

At step 704, an absence of header data associated with the message maybe determined. The first network device 110 in FIG. 1 , the STI-AS 218in FIG. 2A, the STI-AS 316 in FIG. 3 , and/or any other similar devicesmay determine an absence of header data associated with the message.Determining the absence of the header data may comprise determining anabsence of one or more of a diversion header or an identity header.Determining the absence of the header data may comprise determining anabsence of one or more of: a header field, a protocol variable, aprotocol command, a protocol method, metadata indicative of the messageor a data payload, timing information associated with the message,routing information, redirection information, connection information,sequence information, version information, the sender identifier, or thedestination identifier. Determining the absence of the header data maycomprise determining an absence of data associated with one or more of:routing a data payload, forwarding the message, or processing themessage. Determining the absence of the header data may comprisedetermining an absence of a paid header.

Determining the absence of the header data may comprise determining anabsence of the diversion header. Determining the absence of thediversion header may comprise determining an absence of informationassociated with redirection of the message. Determining the absence ofthe diversion header may comprise determining an absence of one or moreof: redirection information, information indicative of a deviceforwarding the message, or data indicative of a reason for theredirection.

Determining the absence of the header data may comprise determining anabsence of the identity header. Determining an absence of the identityheader may comprise determining an absence of information indicating anidentity of the user and/or user device sending the message. Determiningan absence of the identity header may comprise determining an absence ofa SIP identity header. Determining an absence of the identity header maycomprise determining an absence of a header inserted by a network devicethat did not originate the message. Determining an absence of theidentity header may comprise determining an absence of an identifier ofthe network device.

At step 706, a determination to send the message without a signature maybe made. The determination to send the message without the signature maybe made based on the absence of the header data. The first networkdevice 110 in FIG. 1 , the STI-AS 218 in FIG. 2A, the STI-AS 316 in FIG.3 , and/or any other similar devices may determine to send the messagewithout the signature based on the absence of the header data.Determining to send the message without the signature may comprisedetermining that the message fails to meet one or more of a thresholdauthenticity or a threshold trustworthiness.

At step 708, the message may be sent based on the destinationidentifier. The first network device 110 in FIG. 1 , the STI-AS 218 inFIG. 2A, the STI-AS 316 in FIG. 3 , and/or any other similar devices maysend the message based on the destination identifier. The message may besent without a signature (e.g., without adding, applying, or inserting asignature).

FIG. 8 is a block diagram showing an example environment. The exampleenvironment may be configured to handle inbound calls. An inbound callmay be received as data indicative of the inbound call. The dataindicative of the inbound call may comprise a message, such as a SIPmessage, a SIP invite message, and/or the like. The example environmentmay comprise the second network device 120 and the destination device122 of FIG. 1 .

The data indicative of the inbound call may be received by a borderservice 802. The border service 802 may comprise a session bordercontroller, an interconnection border control, a gateway, a computingdevice, and/or the like. The border service 802 may be configured tocommunicate with a screening service 804. The screening service 804 maybe configured to perform an initial screening of the message. Theinitial screening may comprise determining whether a sender identifier(e.g., calling number, sending number) is an assigned or unassignednumber. A database of assigned and/or unassigned numbers (e.g., pooledfrom all service providers) may be queried to determine whether thesender identifier is assigned. If the sender identifier is not assigned,the message may be discarded. The border service 802 may be configuredto communicate with an identity service 806. The identity service 806may comprise a Caller-ID Name (CNAM). The identity service 806 may beconfigured to determine (e.g., query from an identity server) a name(e.g., personal name, such as John Doe, company name), calleridentifier, and/or the like associated with the message.

The border service 802 may be configured to add one or more headers tothe message. The one or more headers may comprise information from theidentity service 806, such as the name, caller identifier, and/or thelike. The one or more headers may comprise information associated with asource of the message, such as geographic information (e.g., ageographic region and/or area originating the inbound call), sourceidentifying information (e.g., a network or service provider thatforwarded the message), and/or the like. The one or more headers maycomprise an indication of whether the sender identifier is an assignedor unassigned number.

The border service 802 may be configured to send the message to acontrol service 808. The control service 808 may comprise a Call SessionControl Function (CSCF). The control service 808 may be configured tocontrol management of one or more call sessions associated with theinbound call.

The control service 808 may be configured to communicate with averification service 810. The verification service 810 may comprise aSecure Telephone Identity Verification Service (STI-VS). Theverification service 810 may be configured to process the message (e.g.,the inbound call) using STIR/SHAKEN protocols. The verification service810 may determine an attestation value, such as full attestation,partial attestation, gateway attestation, or no attestation. Attestationvalue may be added to the one or more headers of the message.

The control service 808 may be configured to communicate with atelephone application server (TAS) 812. The telephon application server812 may be configured to process the message to provide telephoneapplication features, such as call forwarding, call screening, and/orthe like.

The control service 808 may be configured to communicate with a forkingservice 814. The forking service 814 may be configured to cause themessage (e.g., a SIP Invite message) to be sent (e.g., forked) to aplurality of termination points, such as the first termination point816, the second termination point 818, and the third termination point820. Copies of the message may be simultaneously sent to each of theplurality of termination points. Causing the message to be sent to theplurality of termination points may cause simultaneous ringing (e.g., orany process that notifies a user of the inbound call) of the pluralityof termination points.

The first termination point 816 may comprise nuisance call handlingservice (NCHS). The second termination point 818 may comprise a mobilityservice configured to connect inbound calls to a mobile device, such asa smart phone, smart watch, cell phone, tablet device, smart device,and/or the like. The third termination point 820 may comprise customerpremises equipment, such as streaming device, VOIP phone, television,set top box, and/or the like.

The NCHS of the first termination point 816 may be configured to beanalyze the message and/or data associated with the message to determinewhether to intercept the message. The message may be intercepted if themessage is indicative of a nuisance call (e.g., spam). The NCHS may beconfigured to analyze the message to determining if the call isindicative of neighborhood spoofing.

The NCHS may apply one or more intercept criteria to determine whetherto intercept the message. If analysis of the message indicates that themessage matches the intercept criteria, then the message may beintercepted. If analysis of the message indicates that the message doesnot match the intercept criteria, then a determination may be made tonot intercept the message. The NCHS may cause the first terminationpoint 816 to send a busy message, such as a SIP 4xx message (e.g., SIP486 busy here message). Sending of the busy message may allow furthercall processing by the other termination points.

The NCHS may be configured to intercept the call by causing sending of amessage indicative of a connection to at least part of the plurality oftermination points, such as the second termination point 818 and thethird termination point 820. Intercepting the call may cause ringingassociated with one or more of the plurality of termination points to beterminated. Intercepting the call may comprise connecting the inboundcall to an interactive voice response (IVR) service. Intercepting thecall may comprise sending a call termination message, such as a SIP byemessage. Intercepting the message may comprise forwarding the call to avoicemail service.

The one or more intercept criteria may comprise a matching of one ormore digits of a destination identifier (e.g., called number,destination number) to one or more digits of the sender identifier. Theintercept criteria may comprise criteria indicative of neighborhoodspoofing. The intercept criteria may indicate matching of a numberplanning area (e.g., the first three digits after the area code) of thedestination identifier and the sender identifier. The intercept criteriamay indicate matching of the first six digits (e.g., NPA-NXX) of thedestination identifier and the sender identifier. The intercept criteriamay indicate matching of the last four digits of the destinationidentifier and the sender identifier.

The one or more intercept criteria may comprise a reputation scoreassociated with the message (e.g., or a source of the message) beingabove or below a threshold. The one or more intercept criteria maycomprise a failure of an authentication process. The one or moreintercept criteria may comprise a condition of the sender identifier(e.g., or other identifier associated with the source/caller) being on ablacklist. The blacklist may comprise a system-wide blacklist, apersonal blacklist associated with an entity (e.g., company, user)associated with the destination identifier.

If the message comprises a sender identifier (e.g., or other identifierassociated with the source/caller) being on an exception list, the callmay not be intercepted. Messages that match the intercept criteria maynot be intercepted if the sender identifier (e.g., or other identifierassociated with the source/caller) is on the exception list. Theexception list may comprise a network-wide exception list (e.g.,including 911 PSAP numbers, GETS numbers, etc.). The exception list maycomprise an exception list associated with a user (e.g., unique to orspecific to the user). The exception list associated with the user mayhave numbers (e.g., or other identifiers, such as email addresses) addedby the user and/or numbers automatically added. The automatically addednumbers be may added from an address book and/or contact list of theuser. Frequently used numbers associated with the user may be added tothe exception list (e.g., based on the usage of the number reaching athreshold number of times in a period). The user may be able to accessthe exception list via an application, such as a web application, amobile application, a television application, a set top box application,and/or the like.

The one or more intercept criteria may comprise one or more conditionsassociated with the attestation value. If the attestation valueindicates that the message has full attestation (e.g., or partialattestation), the message may be determined to not need to beintercepted (e.g., may be determined to not be a nuisance). If theattestation value indicates that the message has gateway attestation(e.g., or partial attestation) or no attestation, the message may bedetermined to satisfy an intercept criterion. A combination of a lowerattestation value (e.g., lower than full attestation, including partialattestation, gateway attestation, or no attestation) and other criteria(e.g., neighborhood spoofing criteria) may indicate that the inboundcall should be intercepted.

The one or more intercept criteria may comprise one or more conditionsassociated with the information in the one or more headers. If theinformation indicates that the sender identifier is unassigned, then theone or more intercept criteria may be satisfied. If the informationindicates that the number is within or outside of a geographic area,then the one or more intercept criteria may be satisfied. If theinformation indicates that the name (e.g., caller ID) matches a pattern(e.g., has certain characters, letters, words), then the one or moreintercept criteria may be satisfied.

The border service 802, screening service 804, identity service 806,control service 808, verification service 810, TAS 812, forking service814, or a combination thereof may be implemented by one or morecomputing devices. The one or more computing devices may comprise thesecond network device 120 of FIG. 1 . The second network device 120 maybe configured to implement the border service 802, screening service804, identity service 806, control service 808, verification service810, TAS 812, forking service 814, or a combination thereof. Thedestination device 122 of FIG. 1 may comprise one of the plurality oftermination points, such as the first termination point 816, the secondtermination point 818, or the third termination point 820.

FIG. 9 is a flow diagram illustrating an example method 900. At step902, a message (e.g., or data) indicative of an inbound call may bereceived. The message may comprise a SIP message, such as a SIP inviteMessage. The message may be received by the border service 802, asession border controller, an interconnection border control, a gateway,a computing device, and/or the like.

At step 904, the message (e.g., or data indicative of the message) maybe sent to a plurality of termination points. The message may be forked(e.g., copied, duplicated) into a plurality messages. The plurality ofmessages may be sent to corresponding termination points of a pluralityof termination points. The plurality of termination points may comprisea first termination point, a second termination point, and a thirdtermination point. Sending the plurality of messages may cause ringing(e.g., or other notification of a call to a user) of one or more of theplurality of termination points. The first termination point maycomprise the nuisance call handling service (NCHS) of FIG. 8 . Thesecond termination point may comprise a mobility service configured toconnect inbound calls to a mobile device, such as a smart phone, smartwatch, cell phone, tablet device, smart device, and/or the like. Thethird termination point may comprise customer premises equipment, suchas streaming device, VOIP phone, television, set top box, and/or thelike.

At step 906, it may be determined that the message satisfies one or moreintercept criteria. The message satisfying the one or more interceptcriteria may be indicative of the inbound call being a nuisance call(e.g., spam call). The determination may be made using at least one ofthe plurality of termination points. The first termination point (e.g.,the NCHS) may analyze the message and determine that the messagesatisfies the one or more intercept criteria. The one or more interceptcriteria may indicate matching of a sender identifier (e.g., identifierof the caller) to a condition. The one or more intercept criteria mayindicate matching of a destination identifier (e.g., identifier of thecalled) to a condition.

The one or more intercept criteria may comprise a matching of one ormore digits of the destination identifier to one or more digits of thesender identifier. The intercept criteria may comprise criteriaindicative of neighborhood spoofing. The intercept criteria may indicatematching of a number planning area (e.g., the first three digits afterthe area code) of the destination identifier and the sender identifier.The intercept criteria may indicate matching of the first six digits(e.g., NPA-NXX) of the destination identifier and the sender identifier.The intercept criteria may indicate matching of the last four digits ofthe destination identifier and the sender identifier.

The one or more intercept criteria may comprise a reputation scoreassociated with the message (e.g., or a source of the message) beingabove or below a threshold. The one or more intercept criteria maycomprise a failure of an authentication process. The one or moreintercept criteria may be the sender identifier (e.g., or otheridentifier associated with the source/caller) being on a blacklist. Theblacklist may comprise a system-wide blacklist, a personal blacklistassociated with an entity (e.g., company, user) associated with thedestination identifier.

If the message comprises a sender identifier (e.g., or other identifierassociated with the source/caller) being on an exception list, the callmay not be intercepted. Messages that match the intercept criteria maynot be intercepted if the sender identifier (e.g., or other identifierassociated with the source/caller) is on the exception list. Theexception list may comprise a network-wide exception list (e.g.,including 911 PSAP numbers, GETS numbers, etc.). The exception list maycomprise an exception list associated with a user (e.g., unique to orspecific to the user). The exception list associated with the user mayhave numbers (e.g., or other identifiers, such as email addresses) addedby the user and/or numbers automatically added. The automatically addednumbers be may added from an address book and/or contact list of theuser. Frequently used numbers associated with the user may be added tothe exception list (e.g., based on the usage of the number reaching athreshold number of times in a period). The user may be able to accessthe exception list via an application, such as a web application, amobile application, a television application, a set top box application,and/or the like.

The one or more intercept criteria may comprise one or more conditionsassociated with the attestation value. If the attestation valueindicates that the message has full attestation (e.g., or partialattestation), the message may be determined to not need to beintercepted (e.g., may be determined to not be a nuisance). If theattestation value indicates that the message has gateway attestation(e.g., or partial attestation) or no attestation, the message may bedetermined to satisfy an intercept criterion. A combination of a lowerattestation value (e.g., lower than full attestation, including partialattestation, gateway attestation, or no attestation) and other criteria(e.g., neighborhood spoofing criteria) may indicate that the inboundcall should be intercepted.

The one or more intercept criteria may comprise one or more conditionsassociated with the information in the one or more headers. If theinformation indicates that the sender identifier is unassigned, then theone or more intercept criteria may be satisfied. If the informationindicates that the number is within or outside of a geographic area,then the one or more intercept criteria may be satisfied. If theinformation indicates that the name (e.g., caller ID) matches a pattern(e.g., has certain characters, letters, words), then the one or moreintercept criteria may be satisfied.

At step 908, the inbound call may be caused to be intercepted. Theinbound call may be intercepted based on the determination that themessage satisfies the one or more intercept criteria. Causing theinbound call to be intercepted may cause ringing of one or more of theplurality of termination points to cease. Causing the inbound call to beintercepted may comprise causing simulation of a pick up of the inboundcall. The first termination point may cause the interception by sendingdata indicating the call has been picked up by a user. The dataindicating the call has been picked up by the user may comprise aconfirmation message, such as a SIP 200 Ok message.

Intercepting the call may comprise connecting the inbound call to aninteractive voice response (IVR) service. Intercepting the call maycomprise sending a call termination message, such as a SIP Bye message.Intercepting the message may comprise forwarding the call to a voicemailservice.

At step 910, data indicative of the interception may be communicated toat least a portion of the plurality of termination points. Sending theconfirmation message may cause cancellation of ringing and/or anyattempt to establish a communication session one or more terminationpoints. A computing service (e.g., forking service 814, control service808) receiving the confirmation message from the first termination pointmay cause sending of a cancellation message (e.g., SIP Cancel message)to one or more of the plurality of termination points (e.g., except thefirst termination point).

FIG. 10 shows a computing device that may be used in various aspects,such as the servers, services modules, and/or devices depicted in FIG. 1, FIG. 2A, FIG. 2B, FIG. 3 , and FIG. 8 . With regard to the exampledevices of FIG. 1 , FIG. 2A, FIG. 2B, and FIG. 3 , the first networkdevice 110, the second network device 120, the STI-AS 218, the STI-VS248, the STI-AS 316, and many other elements depicted may each beimplemented in an instance of a computing device 1000 of FIG. 10 . Withregard to the example services of FIG. 8 , the border service 802, thescreening service 804, the identity service 806, the control service808, the verification service 810, the TAS 812, the forking service 814,the first termination point, 816, the second termination point 818, thethird termination point, may each be implemented in an instance of acomputing device 1000 of FIG. 10 . The computing device shown in FIG. 10shows a conventional server computer, workstation, desktop computer,laptop, tablet, network appliance, PDA, e-reader, digital cellularphone, or other computing node, and may be utilized to execute anyaspects of the computers described herein, such as to implement any ofthe systems and the methods described in relation to FIG. 1 , FIG. 2A,FIG. 2B, FIG. 3 , FIG. 4 , FIG. 5 , FIG. 6 , FIG. 7 , FIG. 8 , and/orFIG. 9 .

The computing device 1000 may include a baseboard, or “motherboard,”which is a printed circuit board to which a multitude of components ordevices may be connected by way of a system bus or other electricalcommunication paths. One or more central processing units (CPUs) 1004may operate in conjunction with a chipset 1006. The CPU(s) 1004 may bestandard programmable processors that perform arithmetic and logicaloperations necessary for the operation of the computing device 1000.

The CPU(s) 1004 may perform the necessary operations by transitioningfrom one discrete physical state to the next through the manipulation ofswitching elements that differentiate between and change these states.Switching elements may generally include electronic circuits thatmaintain one of two binary states, such as flip-flops, and electroniccircuits that provide an output state based on the logical combinationof the states of one or more other switching elements, such as logicgates. These basic switching elements may be combined to create morecomplex logic circuits including registers, adders-subtractors,arithmetic logic units, floating-point units, and the like.

The CPU(s) 1004 may be augmented with or replaced by other processingunits, such as GPU(s) 1005. The GPU(s) 1005 may comprise processingunits specialized for but not necessarily limited to highly parallelcomputations, such as graphics and other visualization-relatedprocessing.

A chipset 1006 may provide an interface between the CPU(s) 1004 and theremainder of the components and devices on the baseboard. The chipset1006 may provide an interface to a random access memory (RAM) 1008 usedas the main memory in the computing device 1000. The chipset 1006 mayfurther provide an interface to a computer-readable storage medium, suchas a read-only memory (ROM) 1020 or non-volatile RAM (NVRAM) (notshown), for storing basic routines that may help to start up thecomputing device 1000 and to transfer information between the variouscomponents and devices. ROM 1020 or NVRAM may also store other softwarecomponents necessary for the operation of the computing device 1000 inaccordance with the aspects described herein.

The computing device 1000 may operate in a networked environment usinglogical connections to remote computing nodes and computer systemsthrough local area network (LAN) 1016. The chipset 1006 may includefunctionality for providing network connectivity through a networkinterface controller (NIC) 1022, such as a gigabit Ethernet adapter. ANIC 1022 may be capable of connecting the computing device 1000 to othercomputing nodes over a network 1016. It should be appreciated thatmultiple NICs 1022 may be present in the computing device 1000,connecting the computing device to other types of networks and remotecomputer systems.

The computing device 1000 may be connected to a mass storage device 1028that provides non-volatile storage for the computer. The mass storagedevice 1028 may store system programs, application programs, otherprogram modules, and data, which have been described in greater detailherein. The mass storage device 1028 may be connected to the computingdevice 1000 through a storage controller 1024 connected to the chipset1006. The mass storage device 1028 may consist of one or more physicalstorage units. A storage controller 1024 may interface with the physicalstorage units through a serial attached SCSI (SAS) interface, a serialadvanced technology attachment (SATA) interface, a fiber channel (FC)interface, or other type of interface for physically connecting andtransferring data between computers and physical storage units.

The computing device 1000 may store data on a mass storage device 1028by transforming the physical state of the physical storage units toreflect the information being stored. The specific transformation of aphysical state may depend on various factors and on differentimplementations of this description. Examples of such factors mayinclude, but are not limited to, the technology used to implement thephysical storage units and whether the mass storage device 1028 ischaracterized as primary or secondary storage and the like.

For example, the computing device 1000 may store information to the massstorage device 1028 by issuing instructions through a storage controller1024 to alter the magnetic characteristics of a particular locationwithin a magnetic disk drive unit, the reflective or refractivecharacteristics of a particular location in an optical storage unit, orthe electrical characteristics of a particular capacitor, transistor, orother discrete component in a solid-state storage unit. Othertransformations of physical media are possible without departing fromthe scope and spirit of the present description, with the foregoingexamples provided only to facilitate this description. The computingdevice 1000 may further read information from the mass storage device1028 by detecting the physical states or characteristics of one or moreparticular locations within the physical storage units.

In addition to the mass storage device 1028 described above, thecomputing device 1000 may have access to other computer-readable storagemedia to store and retrieve information, such as program modules, datastructures, or other data. It should be appreciated by those skilled inthe art that computer-readable storage media may be any available mediathat provides for the storage of non-transitory data and that may beaccessed by the computing device 1000.

By way of example and not limitation, computer-readable storage mediamay include volatile and non-volatile, transitory computer-readablestorage media and non-transitory computer-readable storage media, andremovable and non-removable media implemented in any method ortechnology. Computer-readable storage media includes, but is not limitedto, RAM, ROM, erasable programmable ROM (“EPROM”), electrically erasableprogrammable ROM (“EEPROM”), flash memory or other solid-state memorytechnology, compact disc ROM (“CD-ROM”), digital versatile disk (“DVD”),high definition DVD (“HD-DVD”), BLU-RAY, or other optical storage,magnetic cassettes, magnetic tape, magnetic disk storage, other magneticstorage devices, or any other medium that may be used to store thedesired information in a non-transitory fashion.

A mass storage device, such as the mass storage device 1028 depicted inFIG. 10 , may store an operating system utilized to control theoperation of the computing device 1000. The operating system maycomprise a version of the LINUX operating system. The operating systemmay comprise a version of the WINDOWS SERVER operating system from theMICROSOFT Corporation. According to further aspects, the operatingsystem may comprise a version of the UNIX operating system. Variousmobile phone operating systems, such as IOS and ANDROID, may also beutilized. It should be appreciated that other operating systems may alsobe utilized. The mass storage device 1028 may store other system orapplication programs and data utilized by the computing device 1000.

The mass storage device 1028 or other computer-readable storage mediamay also be encoded with computer-executable instructions, which, whenloaded into the computing device 1000, transforms the computing devicefrom a general-purpose computing system into a special-purpose computercapable of implementing the aspects described herein. Thesecomputer-executable instructions transform the computing device 1000 byspecifying how the CPU(s) 1004 transition between states, as describedabove. The computing device 1000 may have access to computer-readablestorage media storing computer-executable instructions, which, whenexecuted by the computing device 1000, may perform the methods describedin relation to FIG. 1 , FIG. 2A, FIG. 2B, FIG. 3 , FIG. 4 , FIG. 5 ,FIG. 6 , FIG. 7 , FIG. 8 , and FIG. 9 .

A computing device, such as the computing device 1000 depicted in FIG.10 , may also include an input/output controller 1032 for receiving andprocessing input from a number of input devices, such as a keyboard, amouse, a touchpad, a touch screen, an electronic stylus, or other typeof input device. Similarly, an input/output controller 1032 may provideoutput to a display, such as a computer monitor, a flat-panel display, adigital projector, a printer, a plotter, or other type of output device.It will be appreciated that the computing device 1000 may not includeall of the components shown in FIG. 10 , may include other componentsthat are not explicitly shown in FIG. 10 , or may utilize anarchitecture completely different than that shown in FIG. 10 .

As described herein, a computing device may be a physical computingdevice, such as the computing device 1000 of FIG. 10 . A computing nodemay also include a virtual machine host process and one or more virtualmachine instances. Computer-executable instructions may be executed bythe physical hardware of a computing device indirectly throughinterpretation and/or execution of instructions stored and executed inthe context of a virtual machine.

It is to be understood that the methods and systems are not limited tospecific methods, specific components, or to particular implementations.It is also to be understood that the terminology used herein is for thepurpose of describing particular embodiments only and is not intended tobe limiting.

As used in the specification and the appended claims, the singular forms“a,” “an,” and “the” include plural referents unless the context clearlydictates otherwise. Ranges may be expressed herein as from “about” oneparticular value, and/or to “about” another particular value. When sucha range is expressed, another embodiment includes from the oneparticular value and/or to the other particular value. Similarly, whenvalues are expressed as approximations, by use of the antecedent“about,” it will be understood that the particular value forms anotherembodiment. It will be further understood that the endpoints of each ofthe ranges are significant both in relation to the other endpoint, andindependently of the other endpoint.

“Optional” or “optionally” means that the subsequently described eventor circumstance may or may not occur, and that the description includesinstances where said event or circumstance occurs and instances where itdoes not.

Throughout the description and claims of this specification, the word“comprise” and variations of the word, such as “comprising” and“comprises,” means “including but not limited to,” and is not intendedto exclude, for example, other components, integers or steps.“Exemplary” means “an example of” and is not intended to convey anindication of a preferred or ideal embodiment. “Such as” is not used ina restrictive sense, but for explanatory purposes.

Components are described that may be used to perform the describedmethods and systems. When combinations, subsets, interactions, groups,etc., of these components are described, it is understood that whilespecific references to each of the various individual and collectivecombinations and permutations of these may not be explicitly described,each is specifically contemplated and described herein, for all methodsand systems. This applies to all aspects of this application including,but not limited to, operations in described methods. Thus, if there area variety of additional operations that may be performed it isunderstood that each of these additional operations may be performedwith any specific embodiment or combination of embodiments of thedescribed methods.

As will be appreciated by one skilled in the art, the methods andsystems may take the form of an entirely hardware embodiment, anentirely software embodiment, or an embodiment combining software andhardware aspects. Furthermore, the methods and systems may take the formof a computer program product on a computer-readable storage mediumhaving computer-readable program instructions (e.g., computer software)embodied in the storage medium. More particularly, the present methodsand systems may take the form of web-implemented computer software. Anysuitable computer-readable storage medium may be utilized including harddisks, CD-ROMs, optical storage devices, or magnetic storage devices.

Embodiments of the methods and systems are described below withreference to block diagrams and flowchart illustrations of methods,systems, apparatuses and computer program products. It will beunderstood that each block of the block diagrams and flowchartillustrations, and combinations of blocks in the block diagrams andflowchart illustrations, respectively, may be implemented by computerprogram instructions. These computer program instructions may be loadedon a general-purpose computer, special-purpose computer, or otherprogrammable data processing apparatus to produce a machine, such thatthe instructions which execute on the computer or other programmabledata processing apparatus create a means for implementing the functionsspecified in the flowchart block or blocks.

These computer program instructions may also be stored in acomputer-readable memory that may direct a computer or otherprogrammable data processing apparatus to function in a particularmanner, such that the instructions stored in the computer-readablememory produce an article of manufacture including computer-readableinstructions for implementing the function specified in the flowchartblock or blocks. The computer program instructions may also be loadedonto a computer or other programmable data processing apparatus to causea series of operational steps to be performed on the computer or otherprogrammable apparatus to produce a computer-implemented process suchthat the instructions that execute on the computer or other programmableapparatus provide steps for implementing the functions specified in theflowchart block or blocks.

The various features and processes described above may be usedindependently of one another, or may be combined in various ways. Allpossible combinations and sub-combinations are intended to fall withinthe scope of this disclosure. In addition, certain methods or processblocks may be omitted in some implementations. The methods and processesdescribed herein are also not limited to any particular sequence, andthe blocks or states relating thereto may be performed in othersequences that are appropriate. For example, described blocks or statesmay be performed in an order other than that specifically described, ormultiple blocks or states may be combined in a single block or state.The example blocks or states may be performed in serial, in parallel, orin some other manner. Blocks or states may be added to or removed fromthe described example embodiments. The example systems and componentsdescribed herein may be configured differently than described. Forexample, elements may be added to, removed from, or rearranged comparedto the described example embodiments.

It will also be appreciated that various items are illustrated as beingstored in memory or on storage while being used, and that these items orportions thereof may be transferred between memory and other storagedevices for purposes of memory management and data integrity.Alternatively, in other embodiments, some or all of the software modulesand/or systems may execute in memory on another device and communicatewith the illustrated computing systems via inter-computer communication.Furthermore, in some embodiments, some or all of the systems and/ormodules may be implemented or provided in other ways, such as at leastpartially in firmware and/or hardware, including, but not limited to,one or more application-specific integrated circuits (“ASICs”), standardintegrated circuits, controllers (e.g., by executing appropriateinstructions, and including microcontrollers and/or embeddedcontrollers), field-programmable gate arrays (“FPGAs”), complexprogrammable logic devices (“CPLDs”), etc. Some or all of the modules,systems, and data structures may also be stored (e.g., as softwareinstructions or structured data) on a computer-readable medium, such asa hard disk, a memory, a network, or a portable media article to be readby an appropriate device or via an appropriate connection. The systems,modules, and data structures may also be transmitted as generated datasignals (e.g., as part of a carrier wave or other analog or digitalpropagated signal) on a variety of computer-readable transmission media,including wireless-based and wired/cable-based media, and may take avariety of forms (e.g., as part of a single or multiplexed analogsignal, or as multiple discrete digital packets or frames). Suchcomputer program products may also take other forms in otherembodiments. Accordingly, the present invention may be practiced withother computer system configurations.

While the methods and systems have been described in connection withpreferred embodiments and specific examples, it is not intended that thescope be limited to the particular embodiments set forth, as theembodiments herein are intended in all respects to be illustrativerather than restrictive.

It will be apparent to those skilled in the art that variousmodifications and variations may be made without departing from thescope or spirit of the present disclosure. Other embodiments will beapparent to those skilled in the art from consideration of thespecification and practices described herein. It is intended that thespecification and example figures be considered as exemplary only, witha true scope and spirit being indicated by the following claims.

What is claimed:
 1. A method comprising: receiving, by a first deviceand from a second device, a message indicative of a call request,wherein the message comprises a sender identifier associated with athird device, a destination identifier, and header data, wherein theheader data is added to the message by the second device; determining,based on a presence or absence of a diversion header associated with theheader data, an attestation value indicative of trustworthiness of usageof the sender identifier in the message; generating, based on theattestation value, a signature; and sending, based on the destinationidentifier, a signed message comprising the signature and at least aportion of the message.
 2. The method of claim 1, wherein the messagecomprises a session initiation protocol invite message.
 3. The method ofclaim 1, wherein the header data comprises one or more of a diversionheader or an identity header.
 4. The method of claim 1, wherein thefirst device is managed by a first service provider, and whereinreceiving the message comprises receiving the message from a secondnetwork not managed by the first service provider.
 5. The method ofclaim 1, wherein receiving the message comprises receiving the messagefrom a private branch exchange.
 6. The method of claim 1, wherein theattestation value is one of a plurality of attestation values indicatingdifferent levels of trustworthiness.
 7. The method of claim 1, whereingenerating the signature comprises applying a cryptographic process toat least the attestation value.
 8. A method comprising: receiving amessage indicative of a call request, wherein the message comprises asender identifier and a destination identifier; determining a presenceor an absence of each of an identity header and a diversion headerassociated with the message; determining an attestation value indicativeof trustworthiness of usage of the sender identifier in the message,wherein the attestation value is determined based on a rule associatingthe presence or absence of each of the identity header and the diversionheader with the attestation value; generating, based on the attestationvalue, a signature; and sending, based on the destination identifier, asigned message comprising the signature and at least a portion of themessage.
 9. The method of claim 8, wherein the message comprises asession initiation protocol invite message.
 10. The method of claim 8,wherein receiving the message comprises receiving the message by acomputing device managed by a first service provider and from a networknot managed by the first service provider.
 11. The method of claim 8,wherein receiving the message comprises receiving the message from aprivate branch exchange.
 12. The method of claim 8, wherein theattestation value is one a plurality of attestation values indicatingdifferent levels of trustworthiness.
 13. The method of claim 8, whereingenerating the signature comprises applying a cryptographic process toat least the attestation value.
 14. A method comprising: receiving amessage indicative of a call request, wherein the message comprises asender identifier and a destination identifier; determining an absenceof an identity header and a diversion header associated with themessage; determining, based on the absence of the identity header andthe diversion header, to send the message without a signature; andsending, based on the destination identifier, the message.
 15. Themethod of claim 14, wherein the message comprises a session initiationprotocol invite message.
 16. The method of claim 14, wherein receivingthe message comprises receiving the message by a computing devicemanaged by a first service provider and from a network not managed bythe first service provider.
 17. The method of claim 14, whereinreceiving the message comprises receiving the message from a privatebranch exchange.
 18. The method of claim 14, wherein determining to sendthe message without the signature comprises determining that the messagefails to meet one or more of a threshold authenticity or a thresholdtrustworthiness.
 19. The method of claim 1, wherein the second devicecomprises a computing device in a network receiving the message from thethird device, and wherein the third device is an originator of themessage.
 20. The method of claim 1, wherein the first device and thesecond device are in communication via a first network and the seconddevice and the third device are in communication via a second network,and wherein the third device is an originator of the message.
 21. Themethod of claim 8, wherein determining the presence or the absence ofeach of the identity header and the diversion header associated with themessage comprises determining that the identity header is absent and thediversion header is present, and wherein determining the attestationvalue based on the rule associating the presence or absence of each ofthe identity header and the diversion header with the attestation valuecomprises determining that the attestation value is a partialattestation.
 22. The method of claim 8, wherein determining the presenceor the absence of each of the identity header and the diversion headerassociated with the message comprises determining that the identityheader is present and the diversion header is present, and whereindetermining the attestation value based on the rule associating thepresence or absence of each of the identity header and the diversionheader with the attestation value comprises determining that theattestation value is a full attestation.
 23. The method of claim 8,further comprising: determining a presence of a P-Asserted-Identity(PAID) header associated with the message.
 24. The method of claim 23,wherein determining the presence or the absence of each of the identityheader and the diversion header associated with the message comprisesdetermining that the identity header is absent and the diversion headeris absent, and wherein determining the attestation value based on therule associating the presence or absence of each of the identity headerand the diversion header with the attestation value comprisesdetermining that the attestation value is a full attestation.
 25. Themethod of claim 23, wherein determining the presence or the absence ofeach of the identity header and the diversion header associated with themessage comprises determining that the identity header is present andthe diversion header is absent, and wherein determining the attestationvalue based on the rule associating the presence or absence of each ofthe identity header and the diversion header with the attestation valuecomprises determining that the attestation value is a partialattestation.
 26. The method of claim 14, further comprising: causing, ata device associated with the destination identifier, output of anotification indicating that the sender identifier is unverified or thatthe message is untrusted.